Posted
by
samzenpus
on Wednesday March 29, 2006 @09:03PM
from the grain-of-salt dept.

space_mongoose writes "According to this NewScientistTech story, intergalactic radio signals from quasars could emerge as an exotic but effective new tool for securing terrestrial communications against eavesdropping"

Quasars occur when galaxies collide (or at least that's the theory). Quasars we see now are billions of years old. Now, galaxies aren't really as close together anymore, so new quasars are extremely rare. Might not be many in the distant future with which to encrypt signals.

Actually, the most recent theory I've read is that Quasars are simply galaxies where the central black hole is actively consuming gas and other material at the center of the galaxy, creating a hot, energetic mass around the black hole..

They only appear as quasars to us when the galaxy is pointing in the right direction.

For one thing they are just using the data to create random numbers.. i.e. all.Logic being that, any random number we create is *not* random. i.e all.And most (all??) encryption (RSA onwards) is based on random numbers.

Even if there is only one quasar the freq of the signal at any time would be very random indeed. Even if it is as created using known scientific functions, chaos theory predict that we wont be able to regenerate the same any time soon.

An encrypted transmission path between two parties relies on the same random data being available to both parties at the same time, which means it is either precomputed and both parties have a copy with them, or (in this case) it is a stream of data that both parties have access to in real time.

Not sure how well it would work if both parties were on opposite sides of the world though...

From the article:Umeno believes astronomical cryptography could appeal to anyone who requires high-security communications. He adds that the method does not require a large radio antenna or that the communicating parties be located in the same hemisphere, as radio signals can be broadcast over the internet at high speed.

Basically, he just wants to use the quasars as a source of true randomness, instead of/dev/random, which, although influenced by random events, is largely computed using pseudo-random proc

He would make more money building and selling little black boxes of randomness.Their signals can be sent across the internet in the same way.There are no lack of random signals available at all points in life, however communicating that randomness is the problem.

I've always thought a brilliant random key would be taking a snapshot of a range of websites at a preselected time, that way 2 individuals anywhere could have their keys.For instance, use the article headers from slashdot.org and bbc.co.uk at 11pm G

All one time pads are recorded from random data. You record a long stream of truly random input, then make two copies of the recording. Tne sender gets one copy, the receiver gets the other. Starting at the beginning of the pad, the sender uses each bit of the pad exactly once, then discards it. When the sender runs out of bits, he can not send any more data. The receiver decrypts decrypts likewise, discarding each pad bit after it has been used once. As long as the sender and receiver start with the same pads and don't skip or reuse any bits, they stay in syncronization.

Many perfectly good one time pads are drawn off of data "that anyone can record." For example, many pads are created from atmospheric noise. Anyone can record the same data, but unless you know exactly where and when the recording was done, it is computationally infeasible to record all possibilities, let alone brute force them.

There are many, many quasars that we record in the sky. All of them give off constant streams of random data. So it would be computationally intractable to record all possibilities or brute force a particulr message, because the attacker would have to know exactly which quasar was recorded, and exactly which instant the recording began. He would also have to know exactly which bit of the pad the sender was on when the sender started sending the message that he intercepted. All theoretically possible, but computationally intractable.

the length of the "one time pad" is large, but the number of them available? I mean the number of quasars that are good enough receivable to use for this purpose. I have no idea, but I doubt if its more than 2^32. In that case, brute force would be quite easy: just try each of the available quasar signals.:Record the signal of each of them at time T, also record the encrypted message at time T, and try them all out in a fast computer. Then you'll know which one you need to use for the rest of the encypted s

The length of the "one time pad" is large, but the number of them available? I mean the number of quasars that are good enough receivable to use for this purpose. I have no idea, but I doubt if its more than 2^32. In that case, brute force would be quite easy: just try each of the available quasar signals.:
Record the signal of each of them at time T, also record the encrypted message at time T, and try them all out in a fast computer.[...]

Well, you have a big problem with your time T. How do you know it? If you do not know the source (which quasar is used), it is also unlikely that you know the exact time T used for the start of the random stream. It is unlikely that you know it with a better precision than a few seconds. If the two parties do not exchange messages frequently or do not re-negociate the start of the random stream frequently, then you may not even know T with a precision of a day.

The NewScientistTech article does not give details about the amount of data available from the quasars, but other articles mention that quasars are typically observed in relatively high frequencies (20-40 GHz). Even if the signal strength is sampled with a low resolution and only a few truly random bits are extracted from the stream, you would still have a stream of bits that is in the Gbps range. This is a reasonably large amount of random data.

So even if the number of usable quasars is rather low (say, a few thousands: 2^10 instead of 2^32 as you mentioned), you would need a lot of antennas and petabytes of storage to record all these random streams. You would have to store something in the order of 2^40 bits per second for several seconds or even days (the uncertainty on T). This is not impossible if you have a large budget, but this is difficult and expensive.

It could even be much worse than 2^40: a recent catalogue of quasars from March 2006 [obs-hp.fr] mentions 85221 of them, with new findings doubling this number every second year: 48921 in 2003 [obs-hp.fr], 23760 in 2001 [obs-hp.fr], etc. Let's say that 2^15 of them are usable (and that you have 2^15 antennas at your disposal). If the signal strength is sampled with a medium resolution of 8 bits at a frequency of 30GHz and your uncertainty interval on T is about one hour, you would need to store 2^15 * 2^3 * 2^35 * 2^12 = 2^65 bits of data before starting your brute force attack. Good luck!

Once you have all this data, you still have to do the brute force attack. You wrote "just try each of the available quasar signals." This is correct but you ignore the fact that the random stream is unlikely to be used as is. It will probably be used to seed a stream cypher. In the simplest case, the random stream would be hashed a couple of times before being xor'ed with the data. You will need a huge amount of computing power to perform all these operations and try each of the available signals at each possible time offset.

Note: it is unlikely that both parties can get the signal and be synchronized with a nanosecond or picosecond resolution. So they would probably negociate a time window (say, with a resolution of one second or so) and some kind of unique marker within that time window in order to know exactly when to start. If you are the attacker and you cannot know which source is used, you probably do not know the time window nor the marker. But even in the unlikely case that you would have a way to obtain one or both of these, you would still have the problem of storing the huge amount of data from all quasars until you know which part of it should be analyzed.

So although a brute force attack based on recording all qasars is not impossible, it is not really easy. And anyway, my first reaction when I started reading this story was exactly like the comment mad

30 Ghz = 30 billion times per second, 8 bits each time = 240*10^9 bps240,000,000,000 bps * 3600 = 864,000,000,000,000 bits of dataThat is over 2^49 possible starting points for one antenna, given an hour of uncertaintyWith 2^15 antennas you now have 2^64 possible starting points.

This still doesn't take into account that if 2 people are sampling the same random data at the same frequency they need to pick the data at exactly the same time. One person's 30 Ghz sample could be offset from another person's 30 G

That there is a damned brilliant idea. I wonder if there are any easier to observe atronomical sources that would be just as good? Neutron stars, perhaps? (strip out the pulses and use the noise and pulse variations?)

Ouch. Good point. The reason I suggested neutron stars is that they are much easier to observe with a small aperture radio "scope", but you're right about the variations likely being inside the limits of the scope for a consistant neutron star.

Perhaps radio-loud neutron star / binary systems? That fulfills the easy to observe requirement and the signal synch, I think.

> RTFAA they use them to extract random data(noise).Good for one-time pads.

No, not good for "onetime pads". Since BOTH parties have to get the exact same signal, it can not include random noise. If it does not include random noise, then anyone can record the quasars and see what fits.

Even then, I'm sure using simple geometry and an ultra-precise laster rangefinder anyone could figure out where the dish is pointed.

The KGB used CBR (Cosmic Background Radiation) to produce reams and reams of codebooks/ciphers. They would create two copies, and dispatch one of the copies to the remote location for encryption, then keep one copy at Lubyanka Square.

Obviously, if one side of the cipher was intercepted, then the communication would be suspect - but for most communication, it was the most secure available to them. I don't see this quasar issue as being much different than that.

Now, if they were using quantum states to dynamically generate the ciphers in two seperate places at the same time, THAT would be something to behold.

Even then, I'm sure using simple geometry and an ultra-precise laster rangefinder anyone could figure out where the dish is pointed.

Which dish? It'd be easy to set up an array of dishes, each following a different quasar. Second, exactly when does the recording start? Third, unless you intercept every single communication, you're not going to be in sync with the incription.

You're thinking of pulsars, I believe. Neutron stars that blip out a radio pulse with every rotation are pulsars.

Quasars are currently believed to be massive black holes at the center of young galaxies which accelerate the incoming matter swirling to its doom up to relativistic speeds. The result is a broadband and powerful noise source.

This reminds me of a proposal I saw to use pulsars as a sort of "Interstellar GPS," making use of their signals to determine one's location. The description from Selenian Boondocks: [blogspot.com]

The other [Microcosm proposal] that appeared even more interesting to me was the idea (which I'll dub X-ray Pulsar Positioning System [smad.com] or XPPS for short) of using naturally occuring signals from X-ray Pulsars to provide positioning and attitude data anywhere in the solar system, not just inside the orbit of existing GPS satellites

Uhhh... This may be a trifle off topic. Pulsars (thought it was quasars? not the same thing) for a GPS-like function?

The similarity is that they're both unexpected applications for astrophysical phenomena.

That is that the bit stream received from GPS is completely predictable and the sequence recovered from these celestial sources is supposed to be completely unpredictable. The information gained from a GPS signal is not so much the message itself as it is the time when the message was received.

Depending on foreign stellar radio sources would be a bad idea in the event of an intergalactic war against the Frzznots, as they will immediately toggle the "private" switch on their XPS system, which they installed there in the first place.

There doesn't seem to be anything special about a quasar here... essentially all they are saying is that large amounts of random data can be used for quick and easy one time pad encryption, which to my knowledge is unbreakable, although I am not particularly well versed in cryptography...

For those that don't know, the idea behind a one time pad is that your key is random, and the same size as the data being sent. For example, if binary data is sent, simple xor encryption can be used as follows

unencrypted data: 10110000pad data : 10111001

xor the pad against the key and you get

encrypted data : 00001001

xor the same pad against the *encrypted* key again to get

original data : 10110001tada

One time pads have two major problems1. Both parties need the key.2. The key is large, thus cumbersome to carry around and likely to be discovered.

Problem 2 can be solved, while losing some randomness, by using a popular book as the pad. Then you could just head down to the library and check out catcher in the rye, or whatever book you agreed upon beforehand, and begin decoding.

I suppose that this could be used in conjunction with public key cryptography, so that public key cryptography is used to encrypt the coordinates of the quasar you want to use... but I really don't see why you need the quasar at all. Also, aren't there only 12,000 of them visible? If this technology became widespread and quasars were persistently used as sources of random data... someone with enough resources could just monitor them all and decrypt any data transmitted by checking it against all the data received from pulsars at that time.

They are indeed unbreakable, with a theoretical proof of unbreakability -- in the land of spherical horses [inflection-point.com], where you're allowed to make huge assumptions.

One underappreciated assumption about one-time-pads is that the recipient will (and can!) destroy the keying material after use so thoroughly that the adversary can't reconstruct it. There are several other issues, of which key distribution is one of the easiest. Just put a 500GB external drive in the diplomatic bag once and you've covered communications for a long time.

Here's the problem. The only things secret here are which quasar (13, 14 bits of uncertainty), when the sampling started (?? There won't be very many possible seconds that the adversary has to scan but sampling could start on a fraction of a second), and the sampling algorithm (but you have to assume in crypto that the adversary knows your algorithms). It's going to be easier to brute-force than a 6-word Diceware [diceware.com] passphrase unless atmospheric effects somehow make the quasar signal look different everywhere on earth.

Additionally, there may be filtering of the signal to select various frequency ranges, which would change the random sequence it produced (although may not matter if you could capture the whole signal anyway, but you'd need to know it to actually do the decryption)Anyway, once i've figured out all the parameters, all I need to do is send a box away from the origin of the quasar faster than the speed of light, so that it can effectively go back in time relative to the signal and capture it.

which to my knowledge is unbreakable, although I am not particularly well versed in cryptography

That's right, it is unbreakable - provided you never use the same key twice. And here's why:

Any message is a series of bits which can be represented as a number. Any key of the same length is a series of bits that can be represented as a number. Therefore, we can define the following function that operates on the entire message at once:

Believe it or not, there are still quite a few espionage-related radio transmissions - numbers stations [wikipedia.org] - in use today, particularly by Israel (Mossad), the UK (MI6), Cuba, and others. The transmissions consist of lists of numbers being read aloud (the process is usually automated today rather than read by an actual person), and it is assumed that the lists are messages encoded through the use of one-time pads. While the stations still exist and still tra

books are terrible sources of random for a one time pad. All you have to do is drag around some common words like "the" and then you'll start to get the plaintext/ciphertext. IIRC, this approach is called crib dragging. With a little guesswork (which a professional is capable of), they can figure out the source book in no time.

Ladies and gentlemen, uh, we've just lost the picture, but what we've seen speaks for itself. The Corvair spacecraft has apparently been taken over- 'conquered' if you will- by a master race of giant space quasars. It's difficult to tell from this vantage point whether they will consume the captive Earthmen or merely enslave them. One thing is for certain: there is no stopping them; the quasars will soon be here. And I, for one, welcome our new electron overlords. I'd like to remind them as a trusted slas

If Quasars are correlated photon emitters, then perhaps they can be used for encryption in the same way as quantum entanglement is used already?

All you have to do is ensure that both commnuicating parties sample ENOUGH of the particles arriving at earth, and presumably enough of them will be entangled such that any other observer would have a statistically observable effect on their communication, i.e. detectable as an interceptor.

OK, that's sounds hopeless.

How about if there was one day found to be a way of communicating via entanglement? Then perhaps quasars might well be great sources of entangled particles.

Remember, science is not advanced by claims of "Impossible!", but by "I wonder if..."

If this were done (using quasar emissions as a random number source for encryption), what would prevent a third party from surreptitiously generating pseudonoise locally that would mask the quasar emissions? I.e.:

Assume a spy Alice and her controller Bob are both based in the city Xerces, and are using quasar emission encryption [QEE] (I'm copyrighting that acronym-- you have a non-exlcusive license to use it in any way you want). If Xercians broadcast an apparently random stream that drowned out the quas

(Disclaimer: I have not rta)Isn't a problem with one time pads transmitting the large keys without raising suspicion? A smaller key can be embedded / transmitted without being detected (I realize this is security through obscurity which the purists will tear apart - but I'm sure its used more often then we realize). The smaller key could simply be the quasar and time to start recording the one time pad. Then both parties each have the key that is ultimately used to encrypt the message.